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Office Action Summary 



Application No. 

09/437,584 



Examiner 

Matthew Heneghan 



3plicant(s) 



HOWARD ET AL, 



Art Unit 

2134 



-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -- 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent tenm adjustment. See 37 CFR 1.704(b). 

Status 

1 )S Responsive to connmunication(s) filed on 05 November 2003 . 
2a)K This action is FINAL. 2b)n This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-31 is/are pending in the application, 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) ^ Claim(s) 1-31 is/are rejected. 
?)□ Claim{s) is/are objected to. 

8) n Claim{s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) K The drawing(s) filed on 9 November 1999 is/are: aO accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121 (d). 

1 1) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
Priority under 35 U.S.C. §§119 and 120 

12) n Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a)nAII b)n Some*c)n None of: 

1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)), 
* See the attached detailed Office action for a list of the certified copies not received. 

13) 0 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application) 

since a specific reference was included in the first sentence of the specification or in an Application Data Sheet. 
37 CFR 1.78. 

a) □ The translation of the foreign language provisional application has been received. 

14) n Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 since a specific 

reference was included in the first sentence of the specification or in an Application Data Sheet. 37 CFR 1.78. 



Attachment(s) 

1) □ Notice of References Cited (PTO-892) 

2) O Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) n Infonnation Disclosure Statement(s) (PTO-1449) Paper No(s). 



4) □ Interview Summary (PTO-413) Paper No(s). 

5) □ Notice of Infomnal Patent Application (PTO-152) 

6) □ Other: 



U.S. Patent and Trademartt Office 
PTOL-326 (Rev. 11-03) 
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DETAILED ACTION 



1 . Applicant has submitted amendments in response to the first office action to 
claims 18 and 26. Claims 1-31 have been examined. 



2. In view of applicant's amendments to the specification, all objections under 37 
CFR 1 .84(p)(5) are withdrawn. 

3. The drawings are objected to under 37 CFR 1 .84(g) because the margins are out 
of specification in Figure 2, as previously noted in Form PTO-948, the Draftperson's 
Report. The objection to the drawings will not be held in abeyance. 



4. In view of applicant's amendments to the specification, the objections to the 
specification are withdrawn. 



Drawings 



Specification 



Claim Rejections - 35 USC § 101 
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5. In view of applicant's amendments to claims 18 and 26, the rejections under 35 
U.S.C. 101 to claims 18-21 and 26-31 are withdrawn. 

Claim Rejections - 35 USC § 102 

6. All rejections under 35 U.S.C. 102 and 35 U.S.C. 103 are being repeated from 
the previous office action. 

7. Claims 1-11 and 13-30 are rejected under 35 U.S.C. 102(a) as being anticipated 
by U.S. Patent No. 5,884,033 to Duval! et al. 

As per claims 1, 2, 6, and 18, Duvall defines a plurality of unwanted input strings 
to be filtered (see column 3, line 64 to column 4, line 1 1 ), a search pattern that permits 
variability, can search a portion of the string, and has wildcard characters (see column 
6, lines 28-42), receives an input string on a web server (see column 8, lines 18-27), 
evaluates the strings, and takes remedial action if necessary, including denying the 
request (see column 6. line 60 to column 7, line 13). 

As per claims 3 and 19, the patterns described in Duvall (see column 6, lines 35- 
42) constitute a regular expression. 

As per claims 4 and 20, Duvall discloses that the input string may be a URL (see 
column 5, lines 66-67). 

As per claims 5 and 21 , Duvall discloses that the input string may be an HTTP 
verb request, such as a GET request (see column 6, lines 19-25). 
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As per claims 7-10, 13-16, 26, 27, 29, and 30, Dwa// discloses that the search 
patterns may be stored in RAM (see column 4, lines 45-49). 

As per claim 1 1 , Duvall discloses that the product may be patched onto an 
application that is already running (see column 9, line 14 to column 1 1 , line 20). 

As per claims 17 and 22-25, the program is stored in a public directory (on a 
disk) before being installed (see column 10, lines 64-66). 

As per claim 28, the list of patterns may be edited (see column 8, lines 1-9). 



8. Claims 12 and 31 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent No. 5,884,033 to Duvall et al. in view of Oliver et al., "Building a 
Windows NT 4 Internet Server", 1996, p. 203. 

The system disclosed in Duvall may be implemented on a server and that it uses 
an API (see column 10, lines 59-63), but Duvall does not specifically disclose that it 
uses ISAPI. 

Oliver states that ISAPI (which stands for Internet Server API), which is an API 
native to the Microsoft® Internet Information Server, allows programmers to create 
server applications that take advantage of the web server and is tightly linked to the 
operating system. 

Therefore, it would have been obvious to one having ordinary skill in the art at 
the time the invention was made to use a reliable and well-supported API such as the 
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Microsoft® ISAPI, as disclosed in Oliver, when implementing the system disclosed by 
Duvall on a Windows NT server. 



9. Applicant's arguments directed to the previous rejections under 35 U.S.C. 101 
are acknowledged. The amendments to the claims add limitations that the descriptive 
functional material, which is necessary for the efficient function of the disclosed 
invention, are to be on computer-readable media. All claims now teach to statutory 
subject matter 

10. Applicants arguments directed to the previous rejections under 35 U.S.C. 102 
and 35 U.S.C. 103 are acknowledged. 

As per claims 1-25, applicant's arguments are not found to be persuasive. In 
view of the specification of the instant application, attack patterns can only be defined 
as being undesired strings that are intended for the web server. Although the 
specification of the instant application discloses several different kinds of attack 
patterns, those teachings cannot be viewed as limitations. All types of such strings that 
are claimed (URL's and http verb requests) are anticipated by DuvalL 

The mechanism by which such strings are screened out disclosed by Duvall 
anticipates all of the claimed limitations. Duvall processes strings in the claimed 
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manner; applicant's alleged difference is in the subjective intent of the creator of the 
strings rather than in the content or processing of the strings. 

As per claims 26-31, applicant's arguments are not found to be persuasive. The 
claimed matter constitutes statutory subject matter if and only if it is viewed in the 
context of the disclosed invention as a whole; the invention disclosed by Duvall stores 
strings in the claimed manner for use in a server-based string screening apparatus, and 
therefore anticipates the storing of string patterns in the invention of the instant 
application. 



1 1 . THIS ACTION IS MADE FINAL Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 



Conclusion 
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1 2. Any inquiry concerning this communication or earlier communications from tlie 
examiner slioulcl be directed to IVIatthew E. Heneghan, whose telephone number is 
(703) 305-7727. The examiner can normally be reached on IVIonday-Thursday from 
8:00 AM - 4:00 PM Eastern Time. The examiner can also be reached on alternate 
Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse, can be reached on (703) 308-4789. 

Any response to this action should be mailed to: 

Commissioner of Patents and Trademarks 
Washington, DC 20231 
Or faxed to: 

(703) 872-9306 

Hand-delivered responses should be brought to Crystal Park 2, 2121 Crystal 
Drive, Arlington, VA 22202, Fourth Floor (Receptionist). 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (703) 305- 
3900. 

MEH ^rlf 
November 25, 2003 




GREGORY MORSE 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



